package com.mdl.common.util.rsa;


import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.IOException;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * Project Name: test
 * File Name: rsa.RSAUtil
 * Package Name: PACKAGE_NAME
 * Date: 2018/9/10  9:05
 * Copyright (c) 2018, tianyul All Rights Reserved.
 * RSA 加密工具类
 */
public class RSAUtil {

    private String algorithm       = "RSA";//加密算法
    private String signAlgorithm   = "MD5withRSA";//签名算法


    /**
     * 签名
     * @param data        数据
     * @param privateKey  私钥
     * @return
     * @throws IOException
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws InvalidKeyException
     * @throws SignatureException
     */
    public String sign(byte[] data, String privateKey) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
        //解密Base64编码的私钥
        byte[] keyBytes = decryptBase64(privateKey);

        //构造 PKCS8EncodedKeySpec 对象
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);

        //指定加密算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取私钥对象
        PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);

        //用私钥对信息生成数字签名
        Signature signature = Signature.getInstance(signAlgorithm);
        signature.initSign(priKey);
        signature.update(data);

        //Base64编码
        return encryptBase64(signature.sign());
    }

    /**
     * 验签
     * @param data        数据
     * @param publicKey   公钥
     * @param sign        签名
     * @return
     */
    public boolean verify(byte[] data, String publicKey, String sign) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
        //解密由 Base64编码的公钥
        byte[] keyBytes = decryptBase64(publicKey);

        //构造 X509EncodedKeySpec 对象
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);

        //指定加密算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取公钥对象
        PublicKey publicKey1 = keyFactory.generatePublic(x509EncodedKeySpec);

        //获取签名信息
        Signature signature = Signature.getInstance(signAlgorithm);
        signature.initVerify(publicKey1);
        signature.update(data);

        //校验签名是否正常
        return signature.verify(decryptBase64(sign));
    }

    /**
     * 私钥解密
     * @param data
     * @param key
     * @return
     */
    public byte[] decryptByPrivateKey(byte[] data, String key) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //对密钥解密
        byte[] keyBytes = decryptBase64(key);

        //获取私钥
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);

        //指定加密算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取私钥
        Key privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);

        //对数据解密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(Cipher.DECRYPT_MODE, privateKey);

        return cipher.doFinal(data);
    }

    /**
     * 公钥解密
     * @param data
     * @param key
     * @return
     * @throws IOException
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws NoSuchPaddingException
     * @throws InvalidKeyException
     * @throws BadPaddingException
     * @throws IllegalBlockSizeException
     */
    public byte[] decryptByPublicKey(byte[] data, String key) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //对密钥解密
        byte[] keyBytes = decryptBase64(key);

        //获得公钥
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);

        //指定加密算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取公钥
        Key publicKey = keyFactory.generatePublic(x509EncodedKeySpec);

        //对数据解密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(Cipher.DECRYPT_MODE, publicKey);

        return cipher.doFinal(data);
    }

    /**
     * 私钥加密
     * @param data
     * @param key
     * @return
     * @throws IOException
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws NoSuchPaddingException
     * @throws InvalidKeyException
     * @throws BadPaddingException
     * @throws IllegalBlockSizeException
     */
    public byte[] encryptByPrivateKey(byte[] data, String key) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //对私钥解密
        byte[] keyBytes = decryptBase64(key);

        //获取私钥
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);

        //指定加密算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取私钥
        Key privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);

        //对数据加密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);

        return cipher.doFinal(data);
    }

    /**
     * 公钥加密
     * @param data
     * @param key
     * @return
     * @throws IOException
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws NoSuchPaddingException
     * @throws InvalidKeyException
     * @throws BadPaddingException
     * @throws IllegalBlockSizeException
     */
    public byte[] encryptByPublicKey(byte[] data, String key) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //解密公钥
        byte[] keyBytes = decryptBase64(key);

        //获取公钥
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);

        //指定算法
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);

        //获取公钥
        Key publicKey = keyFactory.generatePublic(x509EncodedKeySpec);

        //对数据加密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);

        return cipher.doFinal(data);
    }

    public byte[] decryptBase64(String key) throws IOException {
        return new BASE64Decoder().decodeBuffer(key);
    }

    public String encryptBase64(byte[] key) {
        return new BASE64Encoder().encodeBuffer(key);
    }
}
